You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Register a free account to unlock additional features at BleepingComputer.com

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

1. I believe it became infected when someone tried to download a file and disabled mcafee

2. PC will only run in safe mode otherwise it becomes stuck in a reboot loop.

3. The malware has disabled system recovery and mcafee

4. You have run several infection removal programs including Malwarebytes, SDFix, and ComboFix; all found and removed several files including virtumonde.sdn. They all detected and attempted to remove mmbhlfp.dll, but were unsuccessful.

5. In addition, when I attempted to run ComboFix the malware prevented it from running. I was able to run ComboFix after downloading a new, renamed copy.

6. I have modified the registry in order to run regedit, and have removed some registry lines referring to files (reader_exe) that I thought to be malicious

6/26/2009 9:56:29 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}6/26/2009 9:56:21 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AmdK8 Fips6/26/2009 9:56:21 PM, error: Service Control Manager [7023] - The srservice service terminated with the following error: The system cannot find the file specified.6/26/2009 9:56:21 PM, error: Service Control Manager [7000] - The mcmscsvc service failed to start due to the following error: The system cannot find the file specified.6/26/2009 9:55:17 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}6/26/2009 9:55:13 PM, error: SRService [104] - The System Restore initialization process failed.

I see you're dealing with Virut on top of the other nasty malware you are dealing with. In that case, it's unfortunately a lost case - Game over situation and a format and reinstall is the fastest and especially the safest solution.

So, I suggest you to start backup all of your valuable data/documents/pictures/movies/songs/etc.. Do NOT backup any applications/installers and Do NOT backup any .exe/.scr/.htm/.html/.xml/.zip/.rar files...This because these files may be infected as well. If you back them up and replace them afterwards, it will infect your computer again.